Information Security Officer responsible for safeguarding Alberta's information assets. Protecting data integrity while managing cybersecurity threats and vulnerabilities.
About the role
- Security Engineer enhancing security in Java-based enterprise applications at TopQuadrant. Designing and implementing security solutions while maintaining compliance with data protection regulations.
Responsibilities
- Design and implement security solutions for Java-based applications
- Secure applications, microservices, APIs, and databases against vulnerabilities
- Perform static (SAST) and dynamic (DAST) security testing
- Perform quarterly Vulnerability Scans and annual Penetration Test
- Manage application dependencies and vulnerabilities within established SLAs
- Implement and support authentication (OAuth, SAML), authorization (RBAC), and encryption
- Integrate security into the CI/CD pipeline to automate security testing and compliance checks
- Monitor, analyze, and respond to security incidents and security questionnaires
- Manage Drata for security monitoring, compliance automation, and audit readiness
- Ensure compliance with data protection regulations (GDPR, CCPA, HIPAA) and security frameworks (ISO 27001, NIST, SOC 2)
- Collaborate with development teams to enforce secure coding best practices via code reviews
- Work with Spring Security to enforce access controls and secure distributed applications
- Maintain and publish TopQuadrant’s Authorized Software List
- Stay updated on the latest security vulnerabilities affecting Java and Spring ecosystems
Requirements
- Bachelor's degree in Computer Science, Cybersecurity, or a related field
- Strong Java development experience, with proficiency in Spring Boot and Spring Security
- Experience with secure coding practices (OWASP Top 10, CWE, etc.)
- Hands-on experience with security tools such as SonarQube and Snyk
- Knowledge of encryption techniques (AES, RSA), authentication protocols (OAuth, OpenID Connect), and API security
- Experience with cloud security best practices (AWS, Azure, or GCP)
- Certifications such as CISSP, CEH, CSSLP, or AWS Security are a plus
Benefits
- Flexible work arrangements
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Report this job
Found something wrong with the page? Please let us know by submitting a report below.
Information Security Officer responsible for safeguarding Alberta’s information assets. Join a team driving critical cybersecurity initiatives across the Government of Alberta.
Senior Security Data Scientist at Desjardins Group utilizing AI for security enhancements. Analyzing data to support security operations and methodologies development for comprehensive analytics.
Director of Engineering leading GitLab's Security Risk Management platform development for enterprise - scale vulnerability analysis. Focusing on high - performance distributed systems design and collaboration with cross - functional teams.
Lead Security Governance and TPRM functions at Affirm, a fintech company. Drive policy frameworks and manage vendor risks to ensure operational maturity.
Senior Software Engineer developing Data Security platform services for Abnormal AI. Leading initiatives in security and privacy, ensuring safe data handling across products and ecosystems.
Senior Software Engineer developing AI - powered security products at Sophos. Owning end - to - end product development from idea to production across frontend, backend, and APIs.
IT consultant providing security assessments and IT infrastructure reviews. Focused on identifying risks and delivering recommendations for improvement across multiple domains.
Lead Security Engineer at US Mobile building systems for the 21st century with a focus on fraud prevention and security integration across SDLC.
Manager, Cybersecurity & IT Risk ensuring audits and risk management practices at CNB. Collaborating with teams to address cybersecurity and IT controls issues effectively.